I agree with everything Darrin wrote, but would add a few things:
On Debian, its all very easy. Make sure you have your apt sources
set to download from the security tree, and update it somewhat
frequently.
Use Postfix/Dovecot - not only are they easy to setup, but they have
a good reputation for security (The dovecot guys will even pay you if
you find an exploit in their code).
On Oct 5, 2007, at 8:50 AM, Darrin Chandler wrote:
> On Fri, Oct 05, 2007 at 08:36:55AM -0700, Mark Phillips wrote:
>> 1. How difficult is it to maintain am email server?
>> A couple of articles/forums recommend using a third party for email
>> since keeping an email server secure is hard and a takes lots of
>> time.
>> Keeping on top of all the types of attacks and exploits people
>> come up
>> with, and then install patches to prevent them from taking over your
>> server and using it for nefarious activities is a full time job.
>> Is this
>> true?
>
> For your needs it is NOT a full time job. If you spend some time
> picking
> the tools you'll use and then check the history of the distro to
> see how
> well they maintain those packages you'll probably see that keeping
> up to
> date is not too hard.
>
>> 2. What combinations of MTA, MDA, MUA's do people use?
>> I have run across several articles that combine Postfix, Courier or
>> Dovecot, and SquirrelMail or Qmail, MySQL, ClamAV, and SpamAssassin.
>> Which is better (i.e. easier to install & maintain) Courier or
>> Dovecot?
>> What other combinations are better? How much time does it take to
>> keep
>> all these pieces secure?
>
> You're opening a can of worms. There are people using all manner of
> software in various combinations. Some will tell you horror stories
> about whatever they're not using. And the worst part is it's all true
> and everyone is right.
>
> That being said, I believe dovecot is easier out of the box than
> courier.
>
>> 3. How much hardware do I need?
>> I plan on using the funambol server for syncing the blackberry,
>> and that
>> requires a P4, 1.8 GHz, 200 MB disk space, and 512 MB of RAM. How
>> much
>> more do I need for email? Could my email server fit on the same
>> machine
>> or a separate machine? The funambol server is a J2EE application
>> (tomcat
>> & mysql) (http://www.funambol.com/).
>
> For a few users your hardware needs will be quite modest. That
> depends a
> lot on what all you put in the chain. SpamAssassin + ClamAV + whatever
> will use a lot more resources. If you can use greylisting then that
> will
> block most of the spam up front and allow you to use a heavier email
> stack on the back end.
>
> General advice: running a small email server is not a full time job
> and
> is entirely practical. But it's not a decision to be taken lightly. It
> will involve a fair amount of time to learn your way around, get
> all the
> pieces working together, make sure you're not allowing relaying, etc.,
> etc. After you get everything working you really, really need to
> keep up
> to date with patches. Keeping up to date is not hard, and not time
> consuming, but it must be done. IOW, this is a small committment,
> but it
> IS a committment.
>
> --
> Darrin Chandler | Phoenix BSD User Group | MetaBUG
> dwchandler@stilyagin.com | http://phxbug.org/ | http://
> metabug.org/
> http://www.stilyagin.com/ | Daemons in the Desert | Global BUG
> Federation
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>
> !DSPAM:14,47065d6638427464930826!
>
>
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)